Saturday, January 17, 2026

Review – Public ICS Disclosures – Week of 1-10-26 – Part 1

This is a moderately busy disclosure week. We have six bulk vendor disclosures from HPE (6). We have 11 additional vendor disclosures from Delta Electronics (2), FortiGuard (2), Meinberg, NI, Schneider (3), and Palo Alto Networks (2).

Bulk Disclosures – HPE

HPESBHF04991 rev.1 - Certain HPE ProLiant DL/XL Servers Using Certain AMD EPYC Processors, AMD-SB-3027, SEV-SNP Guest Stack Pointer Corruption Vulnerability,

HPESBNW04993 rev.1 - HPE Telco Service Orchestrator software, Buffer Overflow Vulnerability,

HPESBNW04992 rev.1 - Multiple Vulnerabilities HPE Aruba Networking EdgeConnect SD-WAN Orchestrator,

HPESBNW04994 rev.1 - Local Privilege Escalation Vulnerability in HPE Aruba Networking Virtual Intranet Access (VIA) Client for Linux,

HPESBNW04988 rev.1 - HPE Networking Instant On, Multiple Vulnerabilities,

HPESBNW04987 rev.1 - Multiple Vulnerabilities in HPE Aruba Networking AOS-8 and AOS-10 for Mobility Conductors, Controllers, and Gateways.

Advisories

Delta Advisory #1 - Delta published an advisory that describes a command injection vulnerability in their DIAView product.

Delta Advisory #2 - Delta published an advisory that describes two vulnerabilities in their DIAView product.

FortiGuard Advisory #1 - FortiGuard published an advisory that describes a heap-based buffer overflow vulnerability in their FortiOS and FortiSwitchManager products.

FortiGuard Advisory #2 - FortiGuard published an advisory that describes a server-side request forgery vulnerability in their FortiSandbox product.

Meinberg Advisory - Meinberg published an advisory that discusses 10 vulnerabilities (two with publicly available exploits) in their LANTIME product.

NI Advisory - NI published an advisory that discusses an improper handling of length parameter inconsistency vulnerability (listed in CISA’s KEV catalog) in multiple NI products.

Schneider Advisory #1 - Schneider published an advisory that discusses four vulnerabilities in their Plant iT/Brewmaxx product.

Schneider Advisory #2 - Schneider published an advisory that describes an incorrect default permissions vulnerability in their EcoStruxure Process Expert products.

Schneider Advisory #3 - Schneider published an advisory that discusses five vulnerabilities in multiple products.

Palo Alto Networks Advisory #1 - PAN published an advisory that discusses 27 vulnerabilities in their Prisma Browser.

Palo Alto Networks Advisory #2 - PAN published an advisory that describes an improper check for unusual or exceptional conditions vulnerability in their PAN-OS and Prisma Access products.


For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - subscription required.
